Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Basic Troubleshooting for Remediation Failures of Microsoft Patches

            Modified on Sun, 11 May at 1:40 PM

            Overview:

            This article outlines the basic troubleshooting steps to resolve remediation failures related to Microsoft security patches in your environment using the Patch Management module.

            Step 1: Check Patch Repository Reachability

            1. Navigate to the Patch Management dashboard.

            2. Under Security Patches, locate the Patch Repository information under the Status section.

            3. Click on the repository status to check reachability to the patch source (Microsoft Patch Server or WSUS Server).

            4. Ensure the "Reachable" status is True.

              • If False, the device is unable to communicate with the patch repository, which could cause remediation to fail.



            Step 2: Validate Patch Availability on Device

            1. Access the device remotely.

            2. Open Windows PowerShell with Administrator privileges.

            3. Run the following command to list available updates:
              powershell -Command "(New-Object -ComObject Microsoft.Update.Session).CreateupdateSearcher().Search('IsHidden=0 and IsInstalled=0').Updates | Select-Object Title"

            4. If updates are available, they should be listed.

              • If you receive error codes, these must be resolved first before proceeding with patch remediation.

            Step 3: Verify Disk Space Availability

            • Insufficient disk space, especially on the C: drive or the System Reserved partition, can cause patches to fail.

            • Ensure enough space is available to download and install updates.

            Step 4: Understand Common Failure Reasons

            A. Windows Update Service Disabled

            • Error Message:

              The service cannot be started either because it is disabled or because it has no enabled devices associated with it. (0x80070422)

            • Resolution: Enable the Windows Update service and retry remediation.


            B. Pending Reboots

            • Patches may fail if a previous update is pending a reboot.

              • Reboot the system and try remediation again.

            Step 5: Run Windows Update Troubleshooter

            • Navigate to:
              Settings → Update & Security → Troubleshoot → Windows Update

            • Follow the on-screen instructions to detect and fix common update issues.


            Step 6: Review Windows Update Logs

            • Use PowerShell to generate a readable log: Run the below command
              Get-WindowsUpdateLog


            Step 7: Temporarily Disable Antivirus

            • Some third-party antivirus programs may interfere with patch installation.

            • Temporarily disable the antivirus and reattempt patch remediation.


            Conclusion:

            Following the steps above should help identify and resolve most basic issues related to Microsoft patch remediation failures. For persistent issues, please collect logs and contact support for further investigation.

            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0